ES2224841A1 - Personal network identification method using a cd-card - Google Patents

Personal network identification method using a cd-card

Info

Publication number
ES2224841A1
ES2224841A1 ES200300689A ES200300689A ES2224841A1 ES 2224841 A1 ES2224841 A1 ES 2224841A1 ES 200300689 A ES200300689 A ES 200300689A ES 200300689 A ES200300689 A ES 200300689A ES 2224841 A1 ES2224841 A1 ES 2224841A1
Authority
ES
Spain
Prior art keywords
card
user
identification
dvd
errors
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
ES200300689A
Other languages
Spanish (es)
Other versions
ES2224841B1 (en
Inventor
Pedro Gallego Rubio
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to ES200300689A priority Critical patent/ES2224841B1/en
Priority to PCT/ES2004/000122 priority patent/WO2004084487A1/en
Publication of ES2224841A1 publication Critical patent/ES2224841A1/en
Application granted granted Critical
Publication of ES2224841B1 publication Critical patent/ES2224841B1/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/086Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by passive credit-cards adapted therefor, e.g. constructive particularities to avoid counterfeiting, e.g. by inclusion of a physical or chemical security-layer
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Abstract

The invention relates to a personal network identification method using a CD-card. The inventive method consists in using a CD- or DVD-type digital medium or card comprising a zone in which a series of grooves, writing entries or marks have been made, which the reader interprets as errors and which are recorded in the database of the server. In this way, when a verification operation (payment, etc.) is to be performed using the Internet (network), the card is inserted into the CD reader and information is exchanged between the CD and the server in order to verify that the determined number of errors correspond with those in the database, thereby authenticating that the person performing the operation is the card owner.

Description

Sistema de identificación de usuarios en la red.User identification system in the net.

La invención se encuadra en el sector de las nuevas tecnologías, en concreto se trata de un procedimiento de comprobación de autoría en las operaciones realizadas a través de una red informática ya sea local o remota (internet), haciendo uso de un hardware de identificación adicional tipo: cd-card, dvd-card, DVD o CD-Rom personal que se le proporcionará a cada usuario con el alta del servi-
do.The invention falls within the field of new technologies, in particular it is a procedure for verifying authorship in operations carried out through a computer network either local or remote (internet), using additional identification hardware Type: cd-card, dvd-card, DVD or personal CD-Rom that will be provided to each user with the registration of the service
do.

El estado de la técnica en la materia aporta los sistemas de comprobación o verificación de usuarios que incorporan requisitos de seguridad en las operaciones que se realizan a través de Internet. En concreto, los sistemas de pago a través de Internet están basado en unos formularios donde el usuario implementa toda la información que le es requerida; nombre y apellidos, clave de usuario, número de tarjeta, fecha de caducidad, etc., en todos los casos la información viaja por la red, generalmente encriptada y el protocolo de seguridad la valida.The state of the art in the field provides the verification or verification systems of users that incorporate security requirements in operations carried out through from Internet. Specifically, payment systems over the Internet they are based on forms where the user implements all the information that is required; name and surname, password of user, card number, expiration date, etc., in all cases the information travels through the network, usually encrypted and the security protocol validates it.

Incluso algunos sistemas de seguridad solicitan una clave dinámica que puede ser consultada por el usuario en una tarjeta que le ha proporcionado el banco.Even some security systems request a dynamic key that can be consulted by the user in a card provided by the bank.

Así el "Sistema de identificación de usuarios en la red" no tiene antecedentes en el estado de la técnica y aporta respecto a la misma las siguientes venta-
jas:Thus, the "User identification system in the network" has no background in the state of the art and provides the following sales with respect to it.
jas:

Es complementario a los sistemas de seguridad convencionales aumentando la seguridad de las operaciones en Internet mediante asociación de un usuario a un hardware de identificación, periférico, que se le entrega al mismo y donde se realizan los errores, marcas o ralladuras en el soporte, que lo hacen único.It is complementary to conventional security systems increasing the security of Internet operations by associating a user with a identification hardware, peripheral, delivered to it and where errors, marks or scratches on the support are made, That make it unique.

Es muy sencillo de usar y, a diferencia de las tarjetas donde se consultan claves dinámicas, no incorpora ningún campo adicional en la realización de la operación.It is very simple to use and, unlike the cards where keys are consulted dynamic, does not incorporate any additional field in the realization of the operation.

El "Sistema de identificación de usuarios en la red" de aplicación en redes locales o remotas donde los usuarios puedan acceder a información personal y/o realizar operaciones en soporte electrónico, consiste en un hardware de identificación tipo: cd-card, dvd-card, DVD o CD-Rom que dispone de una zona específica donde el usuario para realizar el alta realizará su ralladuras, escrituras o marcas que lo identifican de forma unívoca en términos de errores del sistema. A continuación, se procede por la organización a su grabado en la base de datos del servidor encargado de la identificación que da soporte a la transferencia de datos. Posteriormente, el usuario puede ya realizar unaoperación en cualquier ordenador con conexión al servidor de identificación, el cual le pide una comprobación de autoría mediante la comparación entre los errores de la base de datos del servidor y los existentes en su cd-card, dvd-card, DVD o CD-Rom una vez introducido en el ordenador desde donde desea realizar la operación.The "User Identification System in the network "application in local or remote networks where users can access personal information and / or perform operations in electronic support, consists of an identification hardware Type: CD-Card, DVD-Card, DVD or CD-Rom that has a specific area where the user to register will make their scratches, deeds or brands that uniquely identify it in terms of errors of the system. Then, the organization proceeds to its recorded in the database of the server in charge of the identification that supports data transfer. Subsequently, the user can already perform an operation on any computer with connection to the identification server, the which asks for proof of authorship by comparing between server database errors and existing ones on your cd-card, dvd-card, DVD or CD-Rom once inserted into the computer from Where you want to perform the operation.

Así, mediante dicho software, cuando introducimos nuestro hardware de identificación tipo: cd-card, dvd-card, DVD o CD-Rom en el equipo informático desde donde deseamos realizar la operación y activamos el mismo, se intercambia información entre nuestro equipo informático y el servidor correspondiente, verificando que el número determinado de errores detectados en el equipo, coinciden con los de las bases de datos previamente almacenados en el servidor de identificación, con lo que se comprueba que la persona que hace la operación es quien maneja el equipo informático, y se autoriza la transacción.Thus, by means of said software, when we introduce Our hardware identification type: cd-card, dvd-card, DVD or CD-Rom on the computer IT from where we want to perform the operation and activate the same, information is exchanged between our team computer and the corresponding server, verifying that the determined number of errors detected in the device, match with those of the databases previously stored on the server  of identification, which proves that the person doing the operation is who manages the computer equipment, and is authorized the transaction.

A modo de ejemplo de realización preferente del "Sistema de identificación de usuarios en la red" se puede llevar a cabo para realizar operaciones de banca electrónica con un hardware de identificación que proporciona el banco a sus clientes usuarios de este servicio y sobre el que se indica la zona donde han de hacer la marca. Una vez rubricada por el usuario en las oficinas del banco, la entidad emisora graba en la base de datos del servidor todos los errores que se han cometido en la tarjeta del hardware del usuario, verifica su adecuación, la protege contra escritura y se la devuelve a su cliente.By way of example of preferred embodiment of "User identification system on the network" can be carry out to perform electronic banking operations with a identification hardware provided by the bank to its customers users of this service and on which the area where They have to make the mark. Once signed by the user in the Bank offices, the issuing entity records in the database of the server all the errors that have been committed on the card of the user's hardware, verify its suitability, protect it against write and return it to your client.

Así, el cliente ya puede conservarla y hacer uso de ésta cada vez que quiera realizar una operación sobre sus cuentas en soporte electrónico en condiciones óptimas de seguridad.Thus, the customer can now keep it and make use of this every time you want to perform an operation on your accounts in electronic support in optimal conditions of security.

Cuando el usuario desea realizar un pago a través de Internet, podrá hacer uso de cualquier ordenador con conexión a Internet en el que introducirá el hardware de identificación, por ejemplo un CD-Rom, y seguirá el proceso habitual de acceso al portal del banco, páginas personales e implementación de formularios.When the user wishes to make a payment to through the Internet, you can use any computer with Internet connection where you will enter the hardware of identification, for example a CD-Rom, and will follow the usual process of accessing the bank's portal, personal pages and implementation of forms.

Así, una vez se haya accedido a la operación que se desea realizar y previamente a la realización de la transacción, el servidor de identificación pedirá verificación de sectores deteriorados por la ralladura o marca superficial sobre el CD-Rom, para verificar la coincidencia con los errores que identifican al usuario en la base de datos del servidor.Thus, once the operation that it is desired to carry out and prior to the completion of the transaction, the identification server will ask for sector verification deteriorated by the scratch or surface mark on the CD-Rom, to verify the coincidence with the errors that identify the user in the database of the server.

No se considera necesario hacer más extensa esta descripción para que cualquier experto en la materia comprenda el alcance de la invención y las ventajas que de la misma se derivan. El hardware de identificación empleado para el almacenamiento de las ralladuras o marcas superficiales que identifican a cada usuario, el procedimiento de grabación de las mismas, así como el software que implementa la comprobación en cada operación, serán susceptibles de variación siempre y cuando ello no suponga una alteración en la esencialidad del invento.It is not considered necessary to extend this description so that any subject matter expert understands the scope of the invention and the advantages derived therefrom. The identification hardware used for the storage of the scratches or surface marks that identify each user, the procedure for recording them, as well as the software that implements the verification in each operation, will be susceptible of variation as long as this does not imply alteration in the essentiality of the invention.

Claims (2)

1. Sistema de identificación de usuarios en la red aplicables en Internet o Intranet donde los usuarios puedan acceder a información personal y/o realizar operaciones en soporte electrónico, caracterizado por su hardware de identificación tipo cd-card, dvd-card, DVD o CD-Rom que contiene una zona específica donde cada usuario, para realizar el alta, realiza su ralladuras, escrituras o marcas, que lo identifica de forma unívoca en términos de errores del sistema, y que una vez grabadas por la organización en su base de datos, se entrega a cada usuario para su uso en cada operación; y por un software que lo implementa, que comprueba que el usuario que realiza la consulta u operación es el que tiene el cd-card, dvd-card, DVD o CD-Rom que lo identifica como tal.1. System of identification of users in the network applicable on the Internet or Intranet where users can access personal information and / or perform operations on electronic support, characterized by their identification hardware such as cd-card, dvd-card, DVD or CD -Rom that contains a specific area where each user, to register, performs their scratches, deeds or marks, which identifies it uniquely in terms of system errors, and that once recorded by the organization in its database , is delivered to each user for use in each operation; and by a software that implements it, which verifies that the user who performs the query or operation is the one with the cd-card, dvd-card, DVD or CD-Rom that identifies it as such. 2. Sistema de identificación de usuarios en la red según reivindicación 1, caracterizado porque el usuario introduce el hardware de identificación en el ordenador conectado a internet, el cual mediante un software adecuado, y antes de activar desde cualquier ordenador con conexión al servidor del portal de la organización responsable de la identificación una consulta u operación en el mismo, va a realizar una comprobación de autoría mediante la comparación entre los errores de la base de datos del servidor que identifican al usuario y los existentes en el hardware de identificación que ha sido introducido por el usuario en el ordenador desde donde desea realizar la operación.2. User identification system in the network according to claim 1, characterized in that the user enters the identification hardware into the computer connected to the internet, which by means of suitable software, and before activating from any computer connected to the portal server of the organization responsible for the identification of a query or operation in it, will perform a check of authorship by comparing the errors in the server database that identify the user and those existing in the identification hardware that has been entered by the user in the computer from where you want to perform the operation.
ES200300689A 2003-03-17 2003-03-17 NETWORK USER IDENTIFICATION SYSTEM. Expired - Fee Related ES2224841B1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
ES200300689A ES2224841B1 (en) 2003-03-17 2003-03-17 NETWORK USER IDENTIFICATION SYSTEM.
PCT/ES2004/000122 WO2004084487A1 (en) 2003-03-17 2004-03-16 Personal network identification method using a cd-card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
ES200300689A ES2224841B1 (en) 2003-03-17 2003-03-17 NETWORK USER IDENTIFICATION SYSTEM.

Publications (2)

Publication Number Publication Date
ES2224841A1 true ES2224841A1 (en) 2005-03-01
ES2224841B1 ES2224841B1 (en) 2006-06-16

Family

ID=33017090

Family Applications (1)

Application Number Title Priority Date Filing Date
ES200300689A Expired - Fee Related ES2224841B1 (en) 2003-03-17 2003-03-17 NETWORK USER IDENTIFICATION SYSTEM.

Country Status (2)

Country Link
ES (1) ES2224841B1 (en)
WO (1) WO2004084487A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2890509B1 (en) * 2005-09-07 2009-10-30 Mediscs Sarl METHOD FOR AUTHENTICATING A USER AND DEVICE FOR IMPLEMENTING THE SAME

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001059547A2 (en) * 2000-02-14 2001-08-16 Pnc Global Inc. System and method for providing services to a remote user through a network
GB2373091A (en) * 2002-05-29 2002-09-11 Donald Eric Butterfield Copy protection

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001059547A2 (en) * 2000-02-14 2001-08-16 Pnc Global Inc. System and method for providing services to a remote user through a network
GB2373091A (en) * 2002-05-29 2002-09-11 Donald Eric Butterfield Copy protection

Also Published As

Publication number Publication date
ES2224841B1 (en) 2006-06-16
WO2004084487A1 (en) 2004-09-30

Similar Documents

Publication Publication Date Title
US7240363B1 (en) System and method for thwarting identity theft and other identity misrepresentations
US6885286B2 (en) Fine art registry system, database and method
KR101460934B1 (en) Privacy enhanced identity scheme using an un-linkable identifier
US6993510B2 (en) System and method for managing accounts
US5193114A (en) Consumer oriented smart card system and authentication techniques
US7278026B2 (en) Method and system for the generation, management, and use of a unique personal identification token for in person and electronic identification and authentication
US20060278697A1 (en) System, method and program product for credit card transaction validation
EP0836160A2 (en) Method and means for limiting adverse use of counterfeit credit cards, access badges, electronic accounts or the like
US20060081700A1 (en) Secure credit card having daily changed security number
US20100116880A1 (en) Methods and apparatus for transacting with multiple domains based on a credential
US20090158030A1 (en) Doing business without SSN, EIN, and charge card numbers
US20050114270A1 (en) Merchandise-integral transaction receipt and auditable product ownership trail
US20020138765A1 (en) System, process and article for conducting authenticated transactions
WO2005038572A2 (en) System and method for secure account transactions
FR2717286B1 (en) Method and device for authenticating a data medium intended to allow a transaction or access to a service or a place, and corresponding medium.
US20040243856A1 (en) Four factor authentication system and method
US20160086171A1 (en) Indication of Recurring Transaction for Payment Devices and Credit Cards
CN103310141A (en) Method and system for monitoring of certificate information security
US20060200674A1 (en) Method for securing rfid charge value media via cryptographic signing and block locking
US6412690B1 (en) Credit card security method and credit card
CN103295169B (en) Method and system for safely supervising real estate real person registration information
ES2224841B1 (en) NETWORK USER IDENTIFICATION SYSTEM.
CN102289613A (en) Liquid crystal universal serial bus (USB) Key equipment capable of identifying fingerprint
JP2001338151A (en) Extra personal information storage substrate, security system for personal information storage substrate and security method for personal information storage substrate
JP2007072766A (en) Personal authentication system and method

Legal Events

Date Code Title Description
EC2A Search report published

Date of ref document: 20050301

Kind code of ref document: A1

FG2A Definitive protection

Ref document number: 2224841B1

Country of ref document: ES

FD2A Announcement of lapse in spain

Effective date: 20180808